Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/jPUOYp9efi91mUrQ_FvfSjGumjQ.roa
File: jPUOYp9efi91mUrQ_FvfSjGumjQ.roa (raw, json)
Hash identifier: YFPC6Bf4KkbTWX+H0hVgKow/T60pYZyErkmGryJQ0BY=
Subject key identifier: 8C:F5:0E:62:9F:5E:7E:2F:75:99:4A:D0:FC:5B:DF:4A:31:AE:9A:34
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 0187D82C1F95F5C79E43CF676C2ED2449BBF
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/jPUOYp9efi91mUrQ_FvfSjGumjQ.roa
Signing time: Mon 01 May 2023 16:36:22 +0000
ROA not before: Mon 01 May 2023 16:36:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50304
IP address blocks: 193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
178.255.144.0/21 maxlen: 32
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
194.99.40.0/22 maxlen: 24
185.41.240.0/22 maxlen: 24
193.138.6.0/23 maxlen: 24
176.125.232.0/22 maxlen: 22
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
194.127.198.0/23 maxlen: 23
194.127.199.0/24 maxlen: 24
91.205.184.0/22 maxlen: 22
193.27.45.0/24 maxlen: 24
37.202.56.0/21 maxlen: 24
31.169.48.0/21 maxlen: 32
185.35.200.0/24 maxlen: 24
185.35.200.0/22 maxlen: 24
185.12.56.0/22 maxlen: 24
194.35.228.0/22 maxlen: 24
185.152.32.0/23 maxlen: 23
185.152.32.0/22 maxlen: 24
217.197.164.0/22 maxlen: 24
45.152.48.0/22 maxlen: 22
91.227.248.0/22 maxlen: 22
2a02:ed01::/32 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:3580::/44 maxlen: 44
2a02:ed04:3400::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed04:100::/44 maxlen: 44
2a02:ed06::/32 maxlen: 32
2a02:20c8::/32 maxlen: 48
2a07:7d80::/29 maxlen: 29
2a04:8d40::/29 maxlen: 32
2a02:ed05::/32 maxlen: 32
2a02:ed00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d8:2c:1f:95:f5:c7:9e:43:cf:67:6c:2e:d2:44:9b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: May 1 16:36:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cf50e629f5e7e2f75994ad0fc5bdf4a31ae9a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9a:d4:02:47:e8:63:db:2e:b8:96:ef:54:26:
9f:90:c2:9d:cb:8e:be:5b:fb:83:12:0f:ce:b2:31:
d3:0c:c5:53:ad:89:6a:02:54:bb:74:c2:09:90:ae:
63:bd:48:2f:65:24:97:01:c0:b5:29:be:55:8d:3d:
aa:7e:eb:d3:d2:c9:42:85:03:36:57:dc:d9:fa:80:
5c:16:2a:ae:6f:ff:e8:9c:45:13:6d:77:53:b7:35:
35:49:3b:14:05:8f:eb:f4:0b:52:9f:f7:b2:30:aa:
c6:02:32:c3:9e:47:9f:7c:fd:42:d0:4d:85:fb:b1:
2e:02:d1:ab:c4:84:b2:b9:a6:54:f7:b5:67:df:26:
26:05:ec:be:90:8f:07:f1:e5:e4:43:46:f3:6f:68:
a6:0a:c6:56:78:04:2e:aa:a0:c2:c7:80:49:44:57:
87:ae:10:71:41:51:17:96:82:2d:d7:21:e8:60:a1:
97:5d:12:e3:2a:d6:01:21:07:fd:ae:07:ed:52:eb:
df:6a:ee:66:dc:30:4f:6c:40:d4:00:63:5d:c5:fe:
b6:ea:b1:41:87:3a:c9:76:f9:5f:e1:47:5b:54:00:
cb:08:57:d0:a0:a5:50:8b:32:7f:c7:12:d7:5e:a7:
99:9f:87:d7:f8:de:84:af:19:13:0e:ac:11:1b:6a:
35:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F5:0E:62:9F:5E:7E:2F:75:99:4A:D0:FC:5B:DF:4A:31:AE:9A:34
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/jPUOYp9efi91mUrQ_FvfSjGumjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
91.227.248.0/22
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
3b:9e:03:57:78:6a:f5:fd:7c:7a:55:5c:bb:ff:ac:d3:fe:73:
83:2b:7d:f3:bf:32:b1:33:af:0e:81:3a:45:b7:e9:79:ec:57:
99:12:3f:13:6e:b4:04:7d:77:cc:be:ee:3e:8e:f8:98:ed:bc:
f2:13:9d:26:7d:12:2d:c0:d2:88:1f:23:79:59:1c:c9:6e:23:
38:05:83:2c:30:3b:86:ce:8e:3b:5c:14:a1:8a:c1:c5:4d:27:
52:ce:49:03:a6:b4:d7:9d:4b:d5:ea:cb:0a:9b:ec:82:52:c9:
35:56:0d:fa:8f:20:2f:37:b5:9b:cf:d4:78:d1:63:45:33:97:
45:20:1f:98:7c:1e:a3:31:c6:c6:bc:68:e8:32:7b:14:b7:a2:
1f:a2:a5:99:9a:ee:80:d8:e5:2a:fa:07:d1:49:b9:49:d0:15:
18:94:21:fb:58:41:6c:69:d6:05:5e:b6:b3:0c:07:9a:86:64:
b4:42:1d:87:e7:66:70:f8:25:e2:9d:e8:5a:1e:16:1f:ed:54:
9e:92:74:3f:37:09:57:dc:81:c4:f0:0e:8c:1c:89:6a:ae:d4:
3a:1c:ba:df:dd:a8:77:dd:ba:c2:df:4b:13:76:d6:76:45:56:
89:06:14:dd:e9:21:9f:6a:e4:5a:c1:84:69:62:1c:a9:70:6c:
fd:8d:0d:2f
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYfYLB+V9ceeQ89nbC7SRJu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjMwNTAxMTYzNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Y1MGU2MjlmNWU3ZTJmNzU5OTRhZDBmYzViZGY0YTMxYWU5YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZrUAkfoY9suuJbvVCafkMKdy46+
W/uDEg/OsjHTDMVTrYlqAlS7dMIJkK5jvUgvZSSXAcC1Kb5VjT2qfuvT0slChQM2
V9zZ+oBcFiqub//onEUTbXdTtzU1STsUBY/r9AtSn/eyMKrGAjLDnkeffP1C0E2F
+7EuAtGrxISyuaZU97Vn3yYmBey+kI8H8eXkQ0bzb2imCsZWeAQuqqDCx4BJRFeH
rhBxQVEXloIt1yHoYKGXXRLjKtYBIQf9rgftUuvfau5m3DBPbEDUAGNdxf626rFB
hzrJdvlf4UdbVADLCFfQoKVQizJ/xxLXXqeZn4fX+N6ErxkTDqwRG2o1JwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFIz1DmKfXn4vdZlK0Pxb30oxrpo0MB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvalBVT1lwOWVmaTkxbVVyUV9GdmZTakd1bWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBkQQCAAEwgYoDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAJb4/gDBAOGWpADBAKw
fegDBAOy/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADBHAEDBADB
HAQDBADBHAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBALZxaQwIgQCAAIwHAMF
ACoCIMgDBQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJKoZIhvcNAQELBQADggEBADue
A1d4avX9fHpVXLv/rNP+c4MrffO/MrEzrw6BOkW36XnsV5kSPxNutAR9d8y+7j6O
+JjtvPITnSZ9Ei3A0ogfI3lZHMluIzgFgywwO4bOjjtcFKGKwcVNJ1LOSQOmtNed
S9Xqywqb7IJSyTVWDfqPIC83tZvP1HjRY0Uzl0UgH5h8HqMxxsa8aOgyexS3oh+i
pZma7oDY5Sr6B9FJuUnQFRiUIftYQWxp1gVetrMMB5qGZLRCHYfnZnD4JeKd6Foe
Fh/tVJ6SdD83CVfcgcTwDowciWqu1Docut/dqHfdusLfSxN21nZFVokGFN3pIZ9q
5FrBhGliHKlwbP2NDS8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:01 2025 by rpki-client